Alternatives and similar repositories for attest-sbom:

Users that are interested in attest-sbom are comparing it to the libraries listed below

• advanced-security / sbom-generator-action
  ☆15Updated last month
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆178Updated 6 months ago
• github / actions-oidc-debugger
  An Action for printing OIDC claims in GitHub Actions.
  ☆83Updated last week
• reviewdog / action-tfsec
  Run tfsec with reviewdog on pull requests to enforce security best practices
  ☆74Updated last week
• tj-actions / auto-doc
  Github action that turns your reusable workflows and custom actions into easy to read markdown tables.
  ☆48Updated this week
• DataDog / github-action-vulnerability-analysis
  ☆19Updated 3 years ago
• SvanBoxel / organization-workflows
  Need to centrally manage and run Actions workflows across multiple repositories? This app does it for you.
  ☆133Updated 10 months ago
• fossas / fossa-action
  Find license compliance and security issues in your applications with FOSSA and GitHub Actions.
  ☆51Updated last month
• open-policy-agent / setup-opa
  Sets up Open Policy Agent CLI in your GitHub Actions workflow.
  ☆48Updated 11 months ago
• actions / publish-immutable-action
  A GitHub Action used for publishing an Action to ghcr.io as an OCI container.
  ☆71Updated 4 months ago
• philips-labs / slsa-provenance-action
  Github Action implementation of SLSA Provenance Generation
  ☆47Updated 2 weeks ago
• actions / attest
  Action for generating attestations for workflow artifacts
  ☆44Updated last week
• zkoppert / advanced-security-enforcer
  A GitHub action for organizations that enables advanced security code scanning on all new repos
  ☆39Updated last year
• slsa-framework / github-actions-demo
  Proof-of-concept SLSA provenance generator for GitHub Actions
  ☆99Updated 2 years ago
• github / cleanowners
  A GitHub Action to suggest removal of non-organization members from CODEOWNERS files
  ☆127Updated last week
• chainguard-dev / darkfiles
  Darkfiles finds orphaned files in container images and makes them to bad deeds
  ☆41Updated last year
• github / actions-oidc-gateway-example
  Example of using Actions OIDC token to proxy into a private network
  ☆91Updated last month
• anchore / yardstick
  Compare vulnerability scanners results (to make them better!)
  ☆16Updated this week
• actions / runner-container-hooks
  Runner Container Hooks for GitHub Actions
  ☆84Updated 4 months ago
• zgosalvez / github-actions-ensure-sha-pinned-actions
  A Github Action to ensure that actions are pinned to full length commit SHAs
  ☆41Updated last week
• reviewdog / action-hadolint
  Run hadolint with reviewdog 🐶
  ☆51Updated this week
• security-alert / security-alert
  [GitHub] A Command Line ToolKit for GitHub Security Alert.
  ☆27Updated 4 months ago
• danielbraun89 / nanolayer
  ☆48Updated 7 months ago
• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆50Updated last month
• chainguard-dev / bomshell
  An SBOM query language and associated utilities
  ☆54Updated last year
• redhat-plumbers-in-action / differential-shellcheck
  🐚 GitHub Action for running ShellCheck differentially
  ☆59Updated 2 weeks ago
• helaili / github-oidc-auth-app
  An OIDC client to retrieve a GitHub API scoped token from within an Actions workflow
  ☆27Updated 11 months ago
• terraform-linters / tflint-ruleset-opa
  Experimental: TFLint ruleset plugin for writing custom rules in Rego.
  ☆67Updated last week
• ossf / scorecard-monitor
  Simplify OpenSSF Scorecard tracking in your organization with automated markdown and JSON reports, plus optional GitHub issue alerts
  ☆33Updated last month
• cloud-gov / caulking
  Prevent leaks with gitleaks, and use tests to validate
  ☆32Updated 3 months ago